WO2007072450A3 - Puf protocol with improved backward security - Google Patents

Puf protocol with improved backward security Download PDF

Info

Publication number
WO2007072450A3
WO2007072450A3 PCT/IB2006/054989 IB2006054989W WO2007072450A3 WO 2007072450 A3 WO2007072450 A3 WO 2007072450A3 IB 2006054989 W IB2006054989 W IB 2006054989W WO 2007072450 A3 WO2007072450 A3 WO 2007072450A3
Authority
WO
WIPO (PCT)
Prior art keywords
protocol
puf
authenticating
physical token
physical
Prior art date
Application number
PCT/IB2006/054989
Other languages
French (fr)
Other versions
WO2007072450A2 (en
Inventor
Pim T Tuyls
Boris Skoric
Willem G Ophey
Original Assignee
Koninkl Philips Electronics Nv
Pim T Tuyls
Boris Skoric
Willem G Ophey
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninkl Philips Electronics Nv, Pim T Tuyls, Boris Skoric, Willem G Ophey filed Critical Koninkl Philips Electronics Nv
Publication of WO2007072450A2 publication Critical patent/WO2007072450A2/en
Publication of WO2007072450A3 publication Critical patent/WO2007072450A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response

Abstract

The present invention relates to a physical token (102), a method of authenticating a physical token (102) and a device (104) for authenticating a physical token. A basic idea of the present invention is to provide a protocol for secure data exchange between two parties, and in particular for authenticating a physical token, such as a smart card comprising a physical unclonable function (PUF), in which protocol a cryptographic key is used which cannot be traced back in time, because the key is obtained by means of a noninvertible function, i.e. a one-way function. The parties may e.g. comprise a verifying party in the form of a bank with which a cash withdrawal is to be effected and a party to be authenticated, which are embodied by an ATM withdrawal card to which a user has access.
PCT/IB2006/054989 2005-12-23 2006-12-21 Puf protocol with improved backward security WO2007072450A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP05112907.0 2005-12-23
EP05112907 2005-12-23

Publications (2)

Publication Number Publication Date
WO2007072450A2 WO2007072450A2 (en) 2007-06-28
WO2007072450A3 true WO2007072450A3 (en) 2007-10-25

Family

ID=38169364

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/054989 WO2007072450A2 (en) 2005-12-23 2006-12-21 Puf protocol with improved backward security

Country Status (1)

Country Link
WO (1) WO2007072450A2 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044385A1 (en) * 2002-09-09 2005-02-24 John Holdsworth Systems and methods for secure authentication of electronic transactions
DE602007013697D1 (en) 2006-01-24 2011-05-19 Verayo Inc
TW201039170A (en) * 2009-04-28 2010-11-01 Thomson Licensing System and method for detecting genuine copies of pre-recorded digital media
US20130298211A1 (en) * 2012-04-03 2013-11-07 Verayo, Inc. Authentication token
US10749694B2 (en) 2018-05-01 2020-08-18 Analog Devices, Inc. Device authentication based on analog characteristics without error correction
US11044107B2 (en) 2018-05-01 2021-06-22 Analog Devices, Inc. Device authentication based on analog characteristics without error correction
US11245680B2 (en) 2019-03-01 2022-02-08 Analog Devices, Inc. Garbled circuit for device authentication

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0492692A2 (en) * 1990-12-20 1992-07-01 Delco Electronics Corporation Remote accessing system
WO2005041000A1 (en) * 2003-10-23 2005-05-06 Koninklijke Philips Electronics N.V. Method for protecting information carrier comprising an integrated circuit

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0492692A2 (en) * 1990-12-20 1992-07-01 Delco Electronics Corporation Remote accessing system
WO2005041000A1 (en) * 2003-10-23 2005-05-06 Koninklijke Philips Electronics N.V. Method for protecting information carrier comprising an integrated circuit

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
W RANKL AND W EFFING: "Handbuch der Chipkarten", 2002, HANSER VERLAG, MÜNCHEN, XP002440671 *

Also Published As

Publication number Publication date
WO2007072450A2 (en) 2007-06-28

Similar Documents

Publication Publication Date Title
CN108270571B (en) Internet of Things identity authorization system and its method based on block chain
US7933840B2 (en) Electronic signature security system
GB2423854B (en) Portable security transaction protocol
WO2007072450A3 (en) Puf protocol with improved backward security
Giri et al. A novel and efficient session spanning biometric and password based three-factor authentication protocol for consumer USB mass storage devices
CN110381055A (en) RFID system privacy-protection certification protocol method in healthcare supply chain
Liou et al. A sophisticated RFID application on multi-factor authentication
SG128516A1 (en) Updating a mobile payment device
CN110176989A (en) Quantum communications service station identity identifying method and system based on unsymmetrical key pond
CN105871866A (en) System and method for password management based on computer hardware information
CN108263105A (en) A kind of intelligent antifaking method for seal
CN102142963A (en) Multi-transaction factor-based challenge password authenticating system and method
Lee et al. Improvement of Li-Hwang's biometrics-based remote user authentication scheme using smart cards
Singh Multi-factor authentication and their approaches
Joshi Session passwords using grids and colors for web applications and PDA
Reddy et al. A comparative analysis of various multifactor authentication mechanisms
Gaurav et al. An intuitive approach to prevent smart card fraud using fingerprinting authentication and enhanced data encryption standard (EHDES)
Prakash et al. A generic framework to enhance two-factor authentication in cryptographic smart-card applications
Najera et al. Security Mechanisms and Access Control Infrastructure for e-Passports and General Purpose e-Documents.
Madhusudhan et al. An enhanced biometrics-based remote user authentication scheme using mobile devices
Molla Mobile user authentication system (MUAS) for e-commerce applications.
Toth Brewing next generation identity
Lin et al. Cryptanalysis and Improvement on Lee-Chen’s One-Time Password Authentication Scheme
Jeon et al. Enhanced Password-based Remote User Authentication Scheme Using Smart Cards
Thandeeswaran et al. An efficient and secure biometric authentication scheme for M-Commerce

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06842644

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 06842644

Country of ref document: EP

Kind code of ref document: A2